P. Mell, K. Scarfone, and S. Romanosky, A complete guide to the common vulnerability scoring system version 2.0. Published by FIRST-Forum of Incident Response and Security Teams, p.123, 2007.

J. Pescatore, Application Security: Tools for Getting Management Support and Funding, 2013.

M. Finifter, A. Devdatta, and W. David, An Empirical Study of Vulnerability Rewards Programs Washington (2013) 5. Dark Reading: Connecting The Information Security Community, Proceedings of the 22nd USENIX Security Symposium, p.273288

R. Security-severity, Severity Guidelines for Security Issues, https://www.chromium.org/developers/ severity-guidelines, mozilla.org. SecuritySeverity?Ratings 9, 2016.

A. A. Younis and Y. K. Malaiya, Comparing and Evaluating CVSS Base Metrics and Microsoft Rating System, 2015 IEEE International Conference on Software Quality, Reliability and Security, pp.252-261, 2015.
DOI : 10.1109/QRS.2015.44

L. Allodi and F. Massacci, Comparing Vulnerability Severity and Exploits Using Case-Control Studies, ACM Transactions on Information and System Security, vol.17, issue.1, 2014.
DOI : 10.1145/2630069

M. Miller, T. Burrell, and M. Howard, Mitigating Software Vulnerabilities, 2011.

S. S. Nagaraju, G. Craioveanu, and E. Florio, Software Vulnerability Exploitation Trends, 2013.

M. Bozorgi, L. K. Saul, S. Savage, and G. M. Voelker, Beyond heuristics, Proceedings of the 16th ACM SIGKDD international conference on Knowledge discovery and data mining, KDD '10, p.105114, 2010.
DOI : 10.1145/1835804.1835821